<?php

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

ini_set("session.gc_maxlifetime", 300000);
ini_set("session.gc_divisor", "1");
ini_set("session.gc_probability", "1");
ini_set("session.cookie_lifetime", "0");
session_start();
include_once("../libs/setup.php");
include_once("../libs/helper.php");

$session_check = check_admin_session();
if ($session_check == true) {
 
    header("Location: home.php");
} else {
    if (!isset($_REQUEST["submit"])) {
 
        SmartyValidate::connect($smarty, true);
        SmartyValidate::register_validator('required_email', 'email', 'notEmpty');
        SmartyValidate::register_validator('format_email', 'email', 'isEmail');
        SmartyValidate::register_validator('required_password', 'password', 'notEmpty');
        $smarty->assign('wwwUrl','../');
        $smarty->display('admin/signin.tpl');
    } else {

        SmartyValidate::connect($smarty);
        // validate after a POST
        if (!SmartyValidate::is_valid($_POST)) {

            $smarty->assign($_POST);
            $smarty->assign('is_display_error', 'block');
            $smarty->assign('wwwUrl','../');
            $smarty->display('admin/signin.tpl');
        } else {

            $loginName = $_REQUEST["email"];
            $password = $_REQUEST["password"];

            $mysqli = connect_database($smarty);
            $lstUsers = $mysqli->query("Select * From `user`");
            if ($lstUsers != false) {
                $login_result = false;
                while ($row = $lstUsers->fetch_assoc()) {
                    $salt = $row["PassSalt"];
                    if ($loginName == $row["Email"] &&
                            md5($salt . $password) == $row["Password"]) {
                        if ($row["KichHoat"] == false) {
                            $smarty->assign('is_display_error', 'block');

                            $smarty->assign('error_message', '##EM_ADMIN_ACTIVATION_REQUIRED##');
                              $smarty->assign('wwwUrl','../');
                            $smarty->display('admin/signin.tpl');
                            return;
                        }
                        if ($row['Role'] != 'admin') {
                            $smarty->assign('is_display_error', 'block');

                            $smarty->assign('error_message', '##EM_ADMIN_NO_PERMISSION##');
                              $smarty->assign('wwwUrl','../');
                            $smarty->display('admin/signin.tpl');
                            return;
                        }
                        $login_result = true;
                        $loginName = $row["Email"];
                        $hoten = $row["HoTen"];
                        $_SESSION['ma_user'] = $row["Ma"];
                        $_SESSION['email'] = $loginName;
                        $_SESSION['hoten'] = $hoten;
                        $_SESSION['role'] = $row['Role'];
                        $_SESSION['last_activity'] = time();
                        if (isset($_REQUEST["keep_session"])) {
                            $_SESSION['expire_time'] = 259200;
                        } else {
                            $_SESSION['expire_time'] = 1200;
                        }
                        SmartyValidate::disconnect();
                        header("Location: home.php");
                        return;
                    }
                  
                }
                if ($login_result == false) {
                    $smarty->assign('is_display_error', 'block');
                    $smarty->assign('error_message', '#EM_WRONG_EMAIL_PASSWORD##');
                    $smarty->assign($_POST);
                      $smarty->assign('wwwUrl','../');
                    $smarty->display('admin/signin.tpl');
                }
            }
             if ($mysqli->error)
            {
               system_failed($mysqli->error, $smarty);
              return false;
             }
        }
    }
}
    
